A Perfect Storm: the Security Challenges of Coronavirus Threats and Mass Remote Working

The Coronavirus pandemic has brought perhaps the fastest, starkest change to working patterns around the world in living memory. Whilst workers in healthcare, policing, retail, delivery, cleaning and a host of other essential frontline services grapple with vastly increased demand and challenging working conditions, a majority of office staff globally are having to quickly adjust to 24/7 home working. And IT and security teams are facing multiple challenges in delivering and securing this mass migration to remote connectivity.

To better understand these challenges, Check Point, together with Dimensional Research, recently surveyed 411 IT and security professionals, all from organizations of 500 or more employees globally and from a range of industries.

The results are sobering. 71% of security professionals have noticed an increase in security threats or attacks since the beginning of the Coronavirus outbreak. The leading threat cited was phishing (55%) followed by malicious websites purporting to offer information or advice about the pandemic (32%). Increases in malware (28%) and ransomware attacks (19%) have also been noticed.

Meanwhile, 95% of security professionals say they are facing added IT security challenges due to the spread of coronavirus. The three leading challenges were the provision of secure remote access for employees, mentioned by 56% of respondents; the need for remote access scalable solutions (55%) and employees working from home were finding and using untested software, tools and services (47%).

Looking to the future, 61% of security professionals are concerned about the need for rapid adjustments to changing circumstances, and 55% are worried about the need for improved remote access security. 49% are concerned about the need to scale-up security remotely.

In some ways, these results are unsurprising. Cybercriminals will always seek to capitalize on the latest trends to try and boost the success rates of attacks, and the Coronavirus pandemic has created a truly perfect storm. A global news event is fostering uncertainty and fear, leaving employees increasingly vulnerable to targeted phishing campaigns and malicious websites claiming to offer help and advice.

Meanwhile, dramatic changes in working practices and the technologies used by organizations have significantly increased the attack surface of those organizations, meaning more potential endpoints for cybercriminals to target, and a greater likelihood of vulnerabilities.

So how can organizations ensure business continuity amidst these unprecedented challenges? It is critical that they rapidly adapt to their new working patterns, and protect themselves with a holistic, end-to-end cyber architecture. This means ensuring accessible and reliable connections between corporate networks and remote devices, 24/7, promoting collaboration and productivity between teams, networks and offices, and retaining robust security against evolving threats and cybercrime techniques.

The survey results reinforce our recent findings regarding Coronavirus-related domains. These are 50% more likely to be malicious than other domains registered since January 2020, and indeed the average number of new domains registered in the three weeks from the end of February was almost 10 times more than the average number found in previous weeks. Similarly, Check Point’s researchers have uncovered several ‘coronavirus specials’ advertised by jackers through the dark web, with ‘Covid-19’ or ‘coronavirus’ being used as discount codes for out-of-the-box malware.

It’s also important to educate employees about the risks of spam and phishing emails, and on how they can identify the types of fake emails and websites that are typically used to propagate these threats.